The present invention relates to a completely automated public Turing test to tell computers and humans apart (CAPTCHA), and more particularly to an authentication technique using a CAPTCHA technique which can increase the attack resistance quantitatively while maintaining a certain level of readability.
CAPTCHA is a technique used for preventing robots from using various services provided by computers. It is known to use a CAPTCHA technique for simple authentication for preventing spam comments on blogs or for preventing robots from automatically obtaining a free e-mail account.
Various CAPTCHAs such as a CAPTCHA using audio data and a CAPTCHA using photo image data have been studied. However, in view of the ease of creating questions for tests and the use of environment constraints, a CAPTCHA using text images is sometimes commonly employed. In a CAPTCHA using text images, characters which are distorted or partly obscured are presented to the user. Then, if the correct characters are inputted by the user, the user is assumed to be human.
However, recently, with the improvement in the accuracy of an optical character reader (OCR) technique, attacks by spammers have been succeeding in breaking such a CAPTCHA technique using two-dimensional text images. Although means for complexly varying the background of a two-dimensional text image can be used as a countermeasure, the use of such means may make it difficult also for humans to read the characters.
Japanese Patent Application Publication No. 2005-322214 discloses techniques of providing text images that allow humans to easily read characters thereon while making it difficult for computers to read the characters. A technique disclosed in Japanese Patent Application Publication No. 2005-322214 is to partially mitigate the probability of creating unsolvable or impossible questions (challenges), by reducing the randomness with which arcs and/or clutter are arranged about or combined with a HIP sequence by more evenly dispersing arcs and/or clutter across the text.
One technique uses a dummy character effective in scattering attacks over an image for a challenge as disclosed in Japanese Patent Application Publication No. 2005-322214. The technique uses an arc with a width close to or larger than the average width of a character font. In this technique, an image having characters placed therein, arcs may be evenly arranged without overlapping the characters.
Another technique for making it difficult for computers to read characters is to present authentication data in the form of animation as shown, for example, in László Zsidi “animated_captcha”<URL http://www.phpclasses.org/browse/package/3423.html> accessed on Jan. 22, 2008 (hereinafter “Zsidi”). In this technique, authentication data analysis may be made difficult for robots by prohibiting an entire text for authentication from appearing in each of the frames of two-dimensional images forming animation. In other words, the technique may prohibit all the characters in a character string for authentication from appearing together in a single frame.
However, even with the above-described conventional techniques, it may be difficult to increase the attack resistance quantitatively while maintaining a certain level of readability, in response to use situations and technical advance. In the above techniques of Japanese Patent Application Publication No. 2005-322214, a HIP sequence presented to the user is a single two-dimensional image. Accordingly, when the number of arcs and/or clutters is increased to make it difficult for computers to read characters, the amount of overlap between characters and arcs and/or clutters increases, and thus the readability is reduced. Moreover, when the number of arcs serving as dummy characters is increased, the two-dimensional image results in being larger in size since such arcs need to be arranged away from the characters. Hence, the readability is reduced all the same.